Linux and open source articles and tutorials based on real world projects and deployments

Getting started with Ansible on CentOS 7

Ansible is excellent tools for automating deployment and provisioning on your network systems. It comunicates over ssh and does not require any additional software installed on client side. We will take a look at very basic setup and configuration on CentsOS 7.

LAB Environment
In our LAB we have one system running ansible and two clent systems setup all running CentOS 7.
ansible.local 192.168.0.100
client1.local 192.168.0.101
client2.local 192.168.0.102

Preparing environment
We will need to prepare few things before we start using ansible.
First we will need to make sure our clients host names are resolvable by DNS. If not we can add them to local host file

vi /etc/hosts
192.168.0.101 client1.local
192.168.0.102 client2.local

Now we need to setup ssh keys for passwordless authentication and copy keys to our client systems

[root@ansibol ~]# ssh-copy-id root@client1.local
The authenticity of host 'client1.local (192.168.0.101)' can't be established.
ECDSA key fingerprint is 42:00:44:9c:7d:ea:d2:1f:22:b2:51:40:e3:08:fc:2a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@client1.local's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@client1.local'"
and check to make sure that only the key(s) you wanted were added.
[root@ansibol ~]# ssh-copy-id root@client2.local
The authenticity of host 'client2.local (192.168.0.103)' can't be established.
ECDSA key fingerprint is 42:00:44:9c:7d:ea:d2:1f:22:b2:51:40:e3:08:fc:2a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@client2.local's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@client2.local'"
and check to make sure that only the key(s) you wanted were added.

Here is how we would create a user john with password john123 on all systems

ansible all -m user -a "name=john password="

Playbooks
Playbooks consist of modules. You can use existing modules or write your own modules. To see list of available modules.

ansible-doc -l

We now will look at example of deploying Nagios client using Ansible playbook
We will first create a file called nrpe.tpml which will have some configuration changes in it. Now example of playbook in our case will look like this. Create playbook1.yml